Microsoft Entra Workload ID - Advanced Detections and Enrichment in Microsoft Sentinel
A guide on integrating Microsoft Entra Workload ID data into Microsoft Sentinel for advanced security monitoring and enrichment.
Explores security-focused open-source workbooks for Azure Monitor and Microsoft Sentinel, highlighting use cases and reviewing specific templates.
A technical guide comparing agent options (Log Analytics, Azure Monitor, Defender for Identity) for monitoring Active Directory logs in Microsoft Sentinel.
A guide to using KQL aggregation functions like count() and dcount() in Microsoft Sentinel/Log Analytics to summarize and analyze security alert data.
A framework for categorizing security engineering work into four key buckets: prevention, detection, damage reduction, and work generation.